Login Problem
#1

Hey all,

So I only just found out that my login system has screwed up a bit, and I need some help, but when I get to the login screen, what happens is you can type any other password and it will let you in, so for example if you set the password to "Hello" you can just use "hi" or just leave it blank and it lets you in, and I'm not sure why it is doing this, but here is the code:

Code:
if(dialogid == DIALOG_LOGIN)
	{
		if(!response)
		{
		    Kick(playerid);
		}
		if(response)
		{
	  		//if(strcmp(PlayerInfo[playerid][pPass], inputtext, true, 129))
	  		if(strcmp(inputtext, PlayerInfo[playerid][pPass], false))
	  		{
	  		    new Query[500];
	  		    mysql_real_escape_string(PlayerInfo[playerid][Nick], PlayerInfo[playerid][Nick]);
	  		    mysql_format(mysql, Query, sizeof(Query), "SELECT * FROM `playerdata` WHERE `nick` = '%s' LIMIT 1", PlayerInfo[playerid][Nick]);
				mysql_tquery(mysql, Query, "OnAccountLoad", "i", playerid);
	  		}
	  		else
	  		{
         		ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD,"{FFFFFF}BCRP - Login","{F81414}You have entered an incorrect password.\n{FFFFFF}Type your password below to login.","Login","Quit");
	  		}
		}
	}
Need some help as I don't know what the hell has gone on here...
Reply
#2

I'll start by asking you why aren't you hashing the passwords?

Also, you should pay attention to wasting memory, as it causes server lag.
Code:
SELECT * FROM `playerdata` WHERE `nick` = '' LIMIT 1
// This is 52 characters long.
// Add 24 characters to it (the name, %s)
SELECT * FROM `playerdata` WHERE `nick` = '%s' LIMIT 1
// 52 + 24 = 76
// Add 1 for the EOS, and it's 77 now
So the query's size should be 77 and not 300.

And since you're using mysql_format, why are you using mysql_real_escape_string?
mysql_format already has %e, which is like %s but it 'auto-escapes' the string.


But now onto fixing your problem:
EDIT: Sorry, I didn't notice that you didn't check if strcmp was equal to 0.
(Read what the user below me posted)
Reply
#3

pawn Code:
if(strcmp(inputtext, PlayerInfo[playerid][pPass], false))
strcmp returns 0 if strings are equal. Also always check if inputtext is empty before comparing strings.

pawn Code:
if(strlen(inputtext) > 0 && strcmp(inputtext, PlayerInfo[playerid][pPass], false) == 0)
Reply
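The check from the post above wrapped in a helper, as an added example that is not part of the thread. SA-MP's `strcmp` returns 0 both when the strings are equal and when either string is empty, so the helper rejects empty values before comparing; `PasswordMatches` and `CheckCase` are hypothetical names and the sample strings are constructed.

```pawn
#include <a_samp>

// Hypothetical helper, not from the thread. True only when both strings
// are non-empty and identical (case-sensitive).
stock bool:PasswordMatches(const input[], const stored[])
{
    // strcmp() returns 0 when either string is empty, so a blank input, or a
    // stored password that failed to load, has to be rejected before comparing.
    if (strlen(input) == 0 || strlen(stored) == 0)
    {
        return false;
    }
    // 0 means "equal"; any non-zero result is a mismatch.
    return strcmp(input, stored, false) == 0;
}

// Prints the raw strcmp() result next to the helper's decision.
CheckCase(const input[], const stored[])
{
    printf("input='%s' stored='%s' strcmp=%d accepted=%d",
        input, stored, strcmp(input, stored, false), _:PasswordMatches(input, stored));
}

public OnFilterScriptInit()
{
    // Constructed sample values.
    CheckCase("Hello", "Hello"); // correct password
    CheckCase("hi", "Hello");    // wrong password
    CheckCase("", "Hello");      // blank input
    CheckCase("Hello", "");      // stored password never loaded
    return 1;
}
```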
#4

Yes, I have added the player's password, but I don't get why it won't work, it confuses me so much..
Reply
#5

Quote:
Originally Posted by DRIFT_HUNTER
pawn Code:
if(strcmp(inputtext, PlayerInfo[playerid][pPass], false))
strcmp returns 0 if strings are equal. Also always check if inputtext is empty before comparing strings.

pawn Code:
if(strlen(inputtext) > 0 && strcmp(inputtext, PlayerInfo[playerid][pPass], false) == 0)
When I use that, I test to see if it will deny the password, and it does but now it denies the correct password...
Reply
#6

Code:
if (strcmp(string, string2) == 0)
{
    // The strings match
}
else
{
    // The strings don't match
}
You have it flipped in your code.
Reply
#7

Add his code
Reply
#8

Quote:
Originally Posted by Stinged
Code:
if (strcmp(string, string2) == 0)
{
    // The strings match
}
else
{
    // The strings don't match
}
You have it flipped in your code.
Flipped it, still doesn't work
Reply
#9

Then can you show me how you're loading the passwords?
Reply
#10

Code:
public OnAccountCheck(playerid)
{
    SetPlayerCameraPos(playerid, -192.3700, 883.2700, 13.7500);
	SetPlayerCameraLookAt(playerid, -192.6300, 884.2400, 13.8200);
	SetPlayerPos(playerid, -195.7553, 895.5865, 8.6920);
	new rows, fields, string[128];
	cache_get_data(rows, fields, mysql);
	if(rows)
	{
	    new tmp[129];
	    cache_get_field_content(0, "Password", tmp);
		format(PlayerInfo[playerid][pPass], 129, "%s", tmp);
	    //cache_get_field_content(0, "password", PlayerInfo[playerid][pPass], mysql, 129);
        format(string, sizeof(string), "Welcome back %s!\n\nPlease type in your password to log back into the server!", GetNameEx(playerid));
  		ShowPlayerDialog(playerid, DIALOG_LOGIN, DIALOG_STYLE_PASSWORD, "BCRP - Login", string, "Login", "Quit");
    }
    else
    {
        format(string, sizeof(string), "Welcome %s!\n\nWe have noticed you do not have an account registered with us!\nPlease type a password to register a new account:", GetNameEx(playerid));
 		ShowPlayerDialog(playerid, DIALOG_REGISTER, DIALOG_STYLE_PASSWORD, "BCRP - Register", string, "Register", "Quit");
    }
	return 1;
}
Reply